The article hones in a particular component of the security issue, whether or not an organization utilizes an open source policy. Results were compiled through a survey:

“When the 3,500 survey respondents were asked what are the biggest challenges in their company’s open-source policy, the main reasons listed were ‘no enforcement,’ ‘it slows down development’ and ‘we find out about problems too late in the process.’ When asked who in the organization has primary responsibility for open-source policy and governance, 36 percent ascribed that role to ‘application-development management,’ 14 percent to ‘IT operations,’ 16 percent to legal, 13 percent to an open-source committee or department, 7 percent to security, 7 percent to risk and compliance and 7 percent to ‘other.’”

So of the organizations that do utilize an open source policy, many acknowledge little enforcement paltry oversight. These concerns are real. However, an organization may benefit from a compromise, a value-added open source software option. A solution like LucidWorks is fully packaged and supported; not just free-roaming bits of code to be grabbed from the free web. Users and managers can feel more confident in LucidWorks because it is packaged in a way that is easier for them to understand. Most importantly, LucidWorks has long-term industry support and positive track record.